Tag: device code phishing
6 articles

Helix Group Exploits SharePoint with Advanced Vishing Tactics
Helix Group hackers are using clever voice phishing tactics, often impersonating managers, to trick victims into handing over account access. They use a simple yet effective playbook, starting with a convincing phone call that sets the stage for a device-code phishing scheme.

EvilTokens Exposes New Blind Spot in Email Security
A shocking 75.6% of consulting firms were exposed to phishing attacks in 2026, with other industries like financial services, manufacturing, and tech also falling prey to these threats. EvilTokens' ghost phishing campaign uses a sneaky Microsoft Device Code Phishing tactic to trick victims into giving hackers access to their Microsoft 365 accounts.

Microsoft Warns of Device Code Phishing Attacks via Legitimate Website
Beware of device code phishing attacks that can trick you into giving away access to your accounts, even on legitimate websites. Hackers are using a clever tactic that exploits Microsoft's authentication endpoint to steal your credentials.

EvilTokens Phishing Kit Exposes Sophisticated Evasion Tactics
Microsoft VP of security research Tanmay Ganacharya revealed that 10-15 distinct EvilTokens phishing campaigns have been launching daily since March 15, 2026, showcasing the alarming speed at which device-code phishing operations have scaled. This comes as Cisco Talos incident responders uncovered a targeted phishing chain that abused a real vendor relationship using an outstanding-invoice lure.

Browser Becomes Front Line in AI Security Battle
The battle for AI security is heating up, and the browser has become the front line - with security teams facing a double threat of AI-powered attacks converging in this critical space. Attackers are leveraging AI to supercharge phishing techniques, including device code phishing kits that have surged 18x in just one year.

Tycoon2FA Exploits Microsoft 365 with Device-Code Phishing
Beware of Tycoon2FA's sneaky phishing tactics: victims are tricked into granting OAuth tokens to attackers through Microsoft's own device-login flow after clicking a malicious link. This comeback kid of a phishing kit has bounced back from a March disruption, now with added layers of obfuscation to evade detection.